Wireshark-bugs: [Wireshark-bugs] [Bug 11969] New: Buildbot crash output: fuzz-2016-01-07-13659.p
Date: Thu, 07 Jan 2016 00:10:03 +0000
Bug ID 11969
Summary Buildbot crash output: fuzz-2016-01-07-13659.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2016-01-07-13659.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter buildbot-do-not-reply@wireshark.org

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-01-07-13659.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/001349.cap

Build host information:
Linux wsbb04 3.13.0-74-generic #118-Ubuntu SMP Thu Dec 17 22:52:10 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.3 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark
BUILDBOT_BUILDNUMBER=3461
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=e1c97dd440827a9b6815fb337cbf8629e5c92156

Return value:  0

Dissector bug:  0

Valgrind error count:  9



Git commit
commit e1c97dd440827a9b6815fb337cbf8629e5c92156
Author: Roland Knall <roland.knall@br-automation.com>
Date:   Mon Jan 4 14:19:55 2016 +0100

    extcap: Rewrite the tokenizer to use regexps

    Change the tokenizer to two regular expressions, which
    make the parsing of the sentence strings a lot safer and faster.

    Change-Id: I444adb8db10b689dd387c0caa951981ba28be917
    Reviewed-on: https://code.wireshark.org/review/13040
    Reviewed-by: Roland Knall <rknall@gmail.com>
    Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>


Command and args: ./tools/valgrind-wireshark.sh 

==13873== Memcheck, a memory error detector
==13873== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==13873== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==13873== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2016-01-07-13659.pcap
==13873== 
==13873== Conditional jump or move depends on uninitialised value(s)
==13873==    at 0x686F60C: req_resp_hdrs_do_reassembly (req_resp_hdrs.c:133)
==13873==    by 0x6BF796F: dissect_http_message (packet-http.c:828)
==13873==    by 0x6BF6813: dissect_http (packet-http.c:3047)
==13873==    by 0x6847B54: call_dissector_through_handle (packet.c:619)
==13873==    by 0x6847B54: call_dissector_work (packet.c:694)
==13873==    by 0x68479FE: dissector_try_uint_new (packet.c:1151)
==13873==    by 0x6FD0023: decode_tcp_ports (packet-tcp.c:4632)
==13873==    by 0x6FD1119: process_tcp_payload (packet-tcp.c:4690)
==13873==    by 0x6FD05F2: desegment_tcp (packet-tcp.c:2271)
==13873==    by 0x6FD05F2: dissect_tcp_payload (packet-tcp.c:4757)
==13873==    by 0x6FD427F: dissect_tcp (packet-tcp.c:5626)
==13873==    by 0x6847B54: call_dissector_through_handle (packet.c:619)
==13873==    by 0x6847B54: call_dissector_work (packet.c:694)
==13873==    by 0x68479FE: dissector_try_uint_new (packet.c:1151)
==13873==    by 0x6C5182F: ip_try_dissect (packet-ip.c:1976)
==13873== 
==13873== 
==13873== HEAP SUMMARY:
==13873==     in use at exit: 1,093,625 bytes in 30,142 blocks
==13873==   total heap usage: 243,314 allocs, 213,172 frees, 32,819,144 bytes allocated
==13873== 
==13873== LEAK SUMMARY:
==13873==    definitely lost: 3,068 bytes in 129 blocks
==13873==    indirectly lost: 43,216 bytes in 52 blocks
==13873==      possibly lost: 0 bytes in 0 blocks
==13873==    still reachable: 1,047,341 bytes in 29,961 blocks
==13873==         suppressed: 0 bytes in 0 blocks
==13873== Rerun with --leak-check=full to see details of leaked memory
==13873== 
==13873== For counts of detected and suppressed errors, rerun with: -v
==13873== Use --track-origins=yes to see where uninitialised values come from
==13873== ERROR SUMMARY: 9 errors from 1 contexts (suppressed: 0 from 0)

[ no debug trace ]

